-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 17 February 2015 at 11:13:18 AM, in
mid:20150217061318.3cd64936@scorpio, Jerry wrote:
That is the reason I detest INLINE as opposed to
PGP/MIME.
You detest pgp-inline for the main reason I prefer it. Wouldn't life
be boring if
Jerry writes:
...Worse,
since most users have no concept of trimming a message before replying to
it, even more useless garbage is transmitted when replied to, thus killing
more innocent electrons and wasting bandwidth not to mention the consumption
of screen territory.
Does that make you an
On Tue, 17 Feb 2015 00:16:26 +, MFPA stated:
I like that advantage of keeping it all visible in the message body.
That is the reason I detest INLINE as opposed to PGP/MIME. The insertion of
superfluous garbage in the message body is annoying to say the least. Worse,
since most users have no
Hi, Christopher,
Am 16.02.2015 um 13:01 schrieb Christopher Beck:
Hi,
now I'll use the inline format. If you can now verify my signature, this
still could be the same bug (or whatever it is...).
Ah sorry, the previous mail still was MIME. Now it's inline.
The signature of this
Am 16.02.2015 um 00:01 schrieb Damien Goutte-Gattat:
What's wrong with what I am doing?
You provide GnuPG with only the *signature*. You need to also give it the
*signed data* (the message) so that it can perform the verification.
If you want to do that manually (something you don’t
Am 16.02.2015 um 13:53 schrieb Philip Jackson:
[...]
What's wrong with what I am doing?
With the expression you used, (gpg --verify signature.asc), gpg will look for
a
similarly named data file in the same directory where you saved signature.asc.
Is that data file (the signed email)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Monday 16 February 2015 at 5:38:08 AM, in
mid:m0lhjy8lhb@kcals.intra.maillard.im, Xavier Maillard wrote:
One more argument in favor of the inline: it questions
my fellows; what are these cabalistic caracters and
then you can what's the
On 15/02/15 22:42, Stephan Beck wrote:
Hi, Christopher,
Am 15.02.2015 um 20:14 schrieb Christopher Beck:
On Sunday 15 February 2015 16:30:33 Stephan Beck wrote:
Am 15.02.2015 um 12:26 schrieb Ludwig Hügelschäfer:
On 14.02.15 23:05, Stephan Beck wrote:
Sometimes my signatures are being
On Sun, 15 Feb 2015 19:56:21 -0800, Doug Barton stated:
I get that you have a preference, and personally I don't care how you
sign your messages. But as I stated before, it really bothers me when
the zealots (on either side) misrepresent the facts in order to bolster
their case.
I agree
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 16 February 2015 12:32:49 Christopher Beck wrote:
On Sunday 15 February 2015 22:42:09 Stephan Beck wrote:
Hi, Christopher,
Am 15.02.2015 um 20:14 schrieb Christopher Beck:
On Sunday 15 February 2015 16:30:33 Stephan Beck wrote:
On Sunday 15 February 2015 22:42:09 Stephan Beck wrote:
Hi, Christopher,
Am 15.02.2015 um 20:14 schrieb Christopher Beck:
On Sunday 15 February 2015 16:30:33 Stephan Beck wrote:
Am 15.02.2015 um 12:26 schrieb Ludwig Hügelschäfer:
On 14.02.15 23:05, Stephan Beck wrote:
Sometimes my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 14.02.15 23:05, Stephan Beck wrote:
Well, it's rather a precautionary measure than an actual security
measure, , reminding me of not trusting the key owner's ability to
handle and verify signatures correctly, if he/she uses a signature
no
Hi MFPA
Am 15.02.2015 um 13:14 schrieb MFPA:
On Saturday 14 February 2015 at 10:05:24 PM, in
mid:54dfc6a4.8070...@mailbox.org, Stephan Beck wrote:
Well, it's rather a precautionary measure than an
actual security measure, , reminding me of not trusting
the key owner's ability to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Saturday 14 February 2015 at 10:05:24 PM, in
mid:54dfc6a4.8070...@mailbox.org, Stephan Beck wrote:
Well, it's rather a precautionary measure than an
actual security measure, , reminding me of not trusting
the key owner's ability to handle
On 02/15/2015 04:12 PM, Stephan Beck wrote:
Obviously, it indicates a key ID 0xBA4909B78F04DE1B and links to a key that is
not the key the message was signed with (which is DE2FFC869AFA5165, according to
Enigmail/gpg), even if the fingerprint is given as well.
Well, the 0xDE2FFC869AFA5165 key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 15.02.15 16:30, Stephan Beck wrote:
OK, I give you that, strictly speaking, it might not be the same,
but at the moment I had no other measure at hand to remind me of
being careful with that kind of event. And a bad signature event is
not
Am 15.02.2015 um 17:25 schrieb Ludwig Hügelschäfer:
On 15.02.15 16:30, Stephan Beck wrote:
The only place to get trust to the senders key (i.e. to make it
valid for you) is to meet the key owner in real life, verify the
identity documents, his fingerprint and mail addresses and sign his
Hi, Hauke,
Am 15.02.2015 um 17:04 schrieb Hauke Laging:
Am So 15.02.2015, 16:12:01 schrieb Stephan Beck:
X-GPG-Key-ID: 0xBA4909B78F04DE1B
X-GPG-Key:
http://wwwkeys.pgp.net/pks/lookup?search=0xBA4909B78F04DE1Bop=index
X-GPG-Fingerprint: 9983 DCA1 1FAC 8DA7 653A F9AA BA49 09B7 8F04 DE1B
Am So 15.02.2015, 16:12:01 schrieb Stephan Beck:
X-GPG-Key-ID: 0xBA4909B78F04DE1B
X-GPG-Key:
http://wwwkeys.pgp.net/pks/lookup?search=0xBA4909B78F04DE1Bop=index
X-GPG-Fingerprint: 9983 DCA1 1FAC 8DA7 653A F9AA BA49 09B7 8F04 DE1B
Obviously, it indicates a key ID 0xBA4909B78F04DE1B and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 15.02.15 17:11, Damien Goutte-Gattat wrote:
Error - signature verification failed Public key DE2FFC869AFA5165
needed to verify signature
^^
This is a bug in Enigmail 1.7.2. The sentence should be: Public
Am So 15.02.2015, 20:55:05 schrieb Matthias Mansfeld:
One point for inline vs. MIME: You can easily Ctrl-V the complete
inline signed or encrypted mail in the clipboard and Ctrl-V it in any
GnuPG Interface. Doesn't work with a PGP/MIME mail.
Let's hope that changes soon:
On Sunday 15 February 2015 16:30:33 Stephan Beck wrote:
Am 15.02.2015 um 12:26 schrieb Ludwig Hügelschäfer:
On 14.02.15 23:05, Stephan Beck wrote:
Well, it's rather a precautionary measure than an actual security
measure, , reminding me of not trusting the key owner's ability to
handle
Zitat von Christopher Beck bec...@beckus.eu:
According to the question in the topic: inline signatures always worked, MIME
didn't. I still wonder why, and after my next exams I'll investigate on
that...
One point for inline vs. MIME: You can easily Ctrl-V the complete
inline signed or
On Sat 2015-02-14 16:36:08 -0500, Doug Barton wrote:
FWIW, I hate this debate, and try hard to stay out of it. But it really
bothers me when people spread factually incorrect information,
especially when they try to use that as the basis of their arguments
for/against one method or the
What's wrong with what I am doing?
You provide GnuPG with only the *signature*. You need to also give it
the *signed data* (the message) so that it can perform the verification.
If you want to do that manually (something you don’t usually do with
PGP/MIME signatures, since it’s quite
A bad signature _only shows one thing_: The message was modified
along the way from the signing process (at the senders computer) to
the verification process (at your computer).
It doesn't even show that.
The modification can be in the signature, not the message -- meaning
it's possible to
On Sunday 15 February 2015 15:20:39 Jerry wrote:
On Sun, 15 Feb 2015 20:55:05 +0100, Matthias Mansfeld stated:
One point for inline vs. MIME: You can easily Ctrl-V the complete
inline signed or encrypted mail in the clipboard and Ctrl-V it in any
GnuPG Interface. Doesn't work with a
Hi, Christopher,
Am 15.02.2015 um 20:14 schrieb Christopher Beck:
On Sunday 15 February 2015 16:30:33 Stephan Beck wrote:
Am 15.02.2015 um 12:26 schrieb Ludwig Hügelschäfer:
On 14.02.15 23:05, Stephan Beck wrote:
Sometimes my signatures are being counted as bad ones. But I figured out it
On Sun, 15 Feb 2015 20:55:05 +0100, Matthias Mansfeld stated:
One point for inline vs. MIME: You can easily Ctrl-V the complete
inline signed or encrypted mail in the clipboard and Ctrl-V it in any
GnuPG Interface. Doesn't work with a PGP/MIME mail.
I have never, ever had a reason to do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sunday 15 February 2015 at 3:12:01 PM, in
mid:54e0b741.4000...@mailbox.org, Stephan Beck wrote:
Didn't you say before you got the same error message as
I did?
Yes, I get gpg: BAD signature from Xavier Maillard
xav...@maillard.im
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sunday 15 February 2015 at 4:25:56 PM, in
mid:54e0c894.8080...@hammernoch.net, Ludwig Hügelschäfer wrote:
The only place to get trust to the senders key (i.e. to
make it valid for you) is to meet the key owner in
real life, verify the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2/15/15 12:26 PM, Daniel Kahn Gillmor wrote:
| On Sat 2015-02-14 16:36:08 -0500, Doug Barton wrote:
| FWIW, I hate this debate, and try hard to stay out of it. But it really
| bothers me when people spread factually incorrect information,
|
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sunday 15 February 2015 at 7:55:05 PM, in
mid:20150215205505.horde.1fuphhfyhivqsunkufin...@webmail.df.eu,
Matthias Mansfeld wrote:
One point for inline vs. MIME: You can easily Ctrl-V
the complete inline signed or encrypted mail in the
MFPA 2014-667rhzu3dc-lists-gro...@riseup.net writes:
My preference is Inline: I want everything right there
in the message body where I can see it.
Exactly what is it you feel the over powering urge to
see?
If the message text is covered by a signature, I want to see the
signature. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 16.02.15 00:07, Robert J. Hansen wrote:
A bad signature _only shows one thing_: The message was
modified along the way from the signing process (at the senders
computer) to the verification process (at your computer).
It doesn't even show
On 2015-02-12 23:46, Xavier Maillard wrote:
Hello,
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a MIME header
?
Is there a big thumb rule to respect ?
Regards
--
Sent with my mu4e
This is a bit of a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 13 February 2015 at 7:41:14 PM, in
mid:54de535a.2060...@sixdemonbag.org, Robert J. Hansen wrote:
Postel's sentiments were more, Reject traffic that
does not conform to the spec, even if it's in common
use; accept traffic that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 13 February 2015 at 5:12:18 PM, in
mid:8364c525-7042-4575-8d9d-3259a87a8...@asatiifm.net, Ville Määttä
wrote:
Fortunately it certainly does not.
I doubt that many spam emails contain an inline OpenPGP signature, or
text that looks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 13 February 2015 at 1:14:25 PM, in
mid:20150213081425.7a418830@scorpio, Jerry wrote:
On Fri, 13 Feb 2015 12:22:23 +, MFPA stated:
My preference is Inline: I want everything right there
in the message body where I can see it.
Rejecting traffic that does not conform to the spec, even if it's in
common use is counter-intuitive.
To you, perhaps, sure -- to me, no. Either way it doesn't matter; the
guidance is what it is, and many counterintuitive things turn out to be
true.
It seems to be denying yourself access to
On Fri, 13 Feb 2015 23:05, joh...@vulcan.xs4all.nl said:
Hmmm. Some exotic uses with ElGamal keys were removed after a bug was
discovered AFAIK. And thinking on some discussions about pgp 2
The reason for Elgamal signing keys was that back when I started with
GnuPG it was not clear whether DSA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 13 February 2015 at 11:28:43 AM, in
mid:54dddfeb.4020...@mailbox.org, Stephan Beck wrote:
BAD Signature from xx
I get that as well.
As a
security measure I have assigned your key a non-trust
attribute.
Is that something
On 2015-02-14 14:33, MFPA wrote:
Hi
On Friday 13 February 2015 at 7:41:14 PM, in
mid:54de535a.2060...@sixdemonbag.org, Robert J. Hansen wrote:
Postel's sentiments were more, Reject traffic that
does not conform to the spec, even if it's in common
use; accept traffic that conforms
FWIW, I hate this debate, and try hard to stay out of it. But it really
bothers me when people spread factually incorrect information,
especially when they try to use that as the basis of their arguments
for/against one method or the other.
On 2/14/15 7:49 AM, Hugo Osvaldo Barrera wrote:
On 2015-02-14 13:36, Doug Barton wrote:
FWIW, I hate this debate, and try hard to stay out of it. But it really
bothers me when people spread factually incorrect information, especially
when they try to use that as the basis of their arguments for/against one
method or the other.
On 2/14/15
Hi
Am 14.02.2015 um 15:44 schrieb MFPA:
Hi
On Friday 13 February 2015 at 11:28:43 AM, in
mid:54dddfeb.4020...@mailbox.org, Stephan Beck wrote:
BAD Signature from xx
I get that as well.
As a
security measure I have assigned your key a non-trust
attribute.
Is that
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Daniel Kahn Gillmor wrote:
This part appears to be out of date:
Since PGP/MIME can't reliably be sent to the three largest GnuPG
mailing lists, itâs hard to claim that PGP/MIME is ready for
widespread usage. For now, itâs best to
On Fri, 13 Feb 2015 04:18, r...@sixdemonbag.org said:
And the MIME attachment being mangled by the mailing list, yes, I agree.
It's almost a bizarre endorsement of the attachment fragility idea...
Which is a long standing problem of the Python mail library. Mailpile
also had its trouble with
On 13-02-2015 1:44, Jerry wrote:
Inline totally destroys a sig delimiter
It is supposed to sign and/or encrypt the sig too.
and adds a lot of useless garbage to the message body.
You need a mailclient to interpret that. Mail clients interprete Mime
attachments too (or not).
--
ir. J.C.A.
Hi Xavier,
Am 12.02.2015 um 23:46 schrieb Xavier Maillard:
Hello,
sorry, just to inform you that I cannot verify your signature:
While trying to verify it, Enigmail (German localization) reports the following:
Enigmail-Sicherheitsinfo:
Fehler - Überprüfung der Unterschrift fehlgeschlagen
On Fri, 13 Feb 2015 12:22:23 +, MFPA stated:
My preference is Inline: I want everything right there in the message
body where I can see it.
Exactly what is it you feel the over powering urge to see?
--
Jerry
pgpDjGfOstW1Q.pgp
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
My personal preference is inline, but I
do have a request: if you have a 4096
bit RSA key, please don't sign inline. The signature block is ridiculously
long. That's why I use DSA and
especially ed25519 for signing.
My main email access is on my
On 2015-02-13 15:07, Brian Minton wrote:
if you have a 4096 bit RSA key, please dont sign inline. The
signature block is
ridiculously long.
You'll find it is actually even an 8192 bit RSA key.
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me
On 13 Feb 2015, at 08:25, Christopher W. Richardson c...@cwrichardson.com
wrote:
FWIW, Mac Mail marked this message as spam. Not sure if it universally does
that for all inline sigs, but ... FYI.
Chris
Fortunately it certainly does not.
--
Ville
signature.asc
Description: Message
On 2/12/2015 at 5:42 PM, Xavier Maillard xav...@maillard.im wrote:
Hello,
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a
MIME header ?
=
If, by 'perfect', you mean that it's as close to possible to not be
On 13-02-2015 16:44, Mark H. Wood wrote:
Some people will complain if you use one format, and others will
complain if you use the other, so unless there's someone you
especially want to favor (or annoy) you may as well send what you
would most like to receive. (Isn't there some sort of
Be liberal in what you accept, and conservative in what you send:
https://en.wikipedia.org/wiki/Robustness_principle
It's worth noting that Postel (the guy who first formulated it) was very
dissatisfied with how people tended to interpret Postel's Law. Per him,
he felt most people who quoted
On 2/13/15 4:01 AM, MFPA wrote:
In an OpenPGP-aware mail client, that is the decision of the
developer. For example, is there any huge reason why it would be a bad
idea to treat dashspacedashdashnewline the same as they
treat dashdashspacenewline?
And Enigmail, for example, can do exactly
On 13-02-2015 20:41, Robert J. Hansen wrote:
It's worth noting that Postel (the guy who first formulated it) was very
dissatisfied with how people tended to interpret Postel's Law.
I think Godwin is even more dissatisfied. :-)
This has long been one of my complaints about the way GnuPG gets
Peter Lebbing pe...@digitalbrains.com writes:
On 2015-02-13 15:07, Brian Minton wrote:
if you have a 4096 bit RSA key, please dont sign inline. The
signature block is
ridiculously long.
You'll find it is actually even an 8192 bit RSA key.
Yes sorry. I should add a smaller key for that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 13 February 2015 at 10:19:06 AM, in
mid:54ddcf9a.5070...@vulcan.xs4all.nl, Johan Wevers wrote:
On 13-02-2015 1:44, Jerry wrote:
Inline totally destroys a sig delimiter
In an OpenPGP-aware mail client, that is the decision of
des-apare.cido...@autistici.org writes:
Maybe I cannot offer a big rule for THE preferred way. Jerry is
right, but maybe we HAVE to deal with recipients who have no
influence to take a mail client which is capable to handle PGP/MIME
sigbatures properly. Then it is also MY problem.
I agree.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thursday 12 February 2015 at 10:46:33 PM, in
mid:m0vbj6n3xy@kcals.intra.maillard.im, Xavier Maillard wrote:
in my quest of the perfect setup, I am asking myself
what is the prefered way to sign a message: inline
(like this one) or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a MIME header ?
Is there a big thumb rule to respect ?
Regards
- --
Sent with my mu4e
-BEGIN PGP
On Thu 2015-02-12 18:14:14 -0500, Robert J. Hansen wrote:
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a
MIME header ?
Is there a big thumb rule to respect ?
On Thu, 12 Feb 2015 23:46:33 +0100, Xavier Maillard stated:
Hello,
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a MIME
header ?
Is there a big thumb rule to respect ?
Inline totally destroys a sig
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a
MIME header ?
Is there a big thumb rule to respect ?
https://www.gnupg.org/faq/gnupg-faq.html#use_pgpmime
smime.p7s
Description: S/MIME Cryptographic
Robert J. Hansen r...@sixdemonbag.org writes:
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a
MIME header ?
Is there a big thumb rule to respect ?
https://www.gnupg.org/faq/gnupg-faq.html#use_pgpmime
THank
Jerry je...@seibercom.net writes:
On Thu, 12 Feb 2015 23:46:33 +0100, Xavier Maillard stated:
Hello,
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a MIME
header ?
Is there a big thumb rule to respect ?
I don't know if this is true for PGP-Basics, but it is certainly not
true for enigmail or gnupg-users. Please update the FAQ!
It's still true for PGP-Basics; Enigmail's been bit by it within the
last year, if memory serves, but it's been generally accepted; GnuPG's
been AFAIK stable for it.
Zitat von Xavier Maillard xav...@maillard.im:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
in my quest of the perfect setup, I am asking myself what is the
prefered way to sign a message: inline (like this one) or using a
MIME header ?
Is there a big thumb rule to respect ?
FWIW, Mac Mail marked this message as spam. Not sure if it universally does
that for all inline sigs, but ... FYI.
Chris
On 12 Feb 2015, at 23:46, Xavier Maillard xav...@maillard.im wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
in my quest of the perfect setup, I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Maybe I cannot offer a big rule for THE preferred way. Jerry is
right, but maybe we HAVE to deal with recipients who have no
influence to take a mail client which is capable to handle PGP/MIME
sigbatures properly. Then it is also MY problem.
I
73 matches
Mail list logo